An approach to evaluation of common DNS misconfigurations
share
DNS is a basic Internet service which almost all other user services depend on. However, what has been perceived in practice are a lot of inconsistencies and errors in the configuration of servers that cause different problems. The majority of such cases are included in this research with the aim of identifying and classifying the major problems of DNS availability, performance and security. In order to analyze these problems in correlation with DNS administrators working practice, we have developed a methodology and tool for testing, quantifying and analysis of DNS misconfigurations. The methodology and tool were applied on three heterogeneous domain categories - the most popular Internet domains, academic domains and one national top level domain. Our results confirm relatively high percentage of misconfigured domains, especially in the academic and national categories. However, we have shown that fixing the configuration on relatively small number of name servers can have significant impact to great number of domains. Proper domain management, permanent testing and collaboration with other administrators are identified as measures to improve domains operation, stability and security.
READ FULL TEXT